Providing Out-of-Band Connectivity to Mission-Critical IT Resources

Solving Remote IT Infrastructure Management Challenges With Gen 3 Out-of-Band

Enterprise IT management used to be much simpler. The entire network infrastructure would reside in the same location as the administrators who managed it, typically in closets and basement rooms in the HQ office building. Those days are long gone, however, and now most infrastructure is housed in off-site data centers, colocations, the cloud, or a combination of these. For most organizations, it isn’t feasible to maintain tech teams in each of these locations, which means administrators need to remotely manage their IT infrastructure.

Remote IT infrastructure management presents some interesting challenges. First, you need a way to remotely troubleshoot and recover from outages when the main WAN connection is unavailable. Second, you need to maintain optimal environmental conditions and monitor for issues that could damage data center equipment.

Solving remote IT infrastructure management challenges with Gen 3 out-of-band

Out-of-band (OOB) management uses a dedicated network to handle the orchestration and troubleshooting of remote infrastructure. This provides an alternative network path to this infrastructure in case the primary WAN link is down, and allows administrators to perform complex orchestration workflows without slowing down the production network.

Gen 3 OOB uses serial consoles to give administrators management access to many devices in the rack from one centralized portal. What makes an OOB serial console “Gen 3” is a combination of high-speed out-of-band access, complete vendor neutrality, and end-to-end automation and orchestration support. Let’s discuss how Gen 3 out-of-band can solve the three major remote IT infrastructure management challenges.

Remote troubleshooting and outage recovery

Downtime is expensive, which is why it’s important to recover from network outages as quickly as possible. However, many of the tools used to remotely manage IT infrastructure require a network connection. If a piece of networking hardware fails and takes down the LAN, or the ISP suffers a regional outage, administrators are left without access to troubleshoot and fix the problem. That leaves only two options: dispatching a truck roll or hiring on-site managed services. Option one is time-consuming and expensive, and option two is a security risk (and also expensive).

A Gen 3 OOB solution provides one or more alternative network paths to remote infrastructure. Often, it uses a cellular modem or secondary broadband network interface, which may also provide network failover capabilities. All network and infrastructure management occurs on this dedicated network, which provides two benefits:

  1. Deployment, maintenance, and orchestration activities won’t take up bandwidth on the production network; and
  2. Administrators can still access critical remote infrastructure during a production network outage.

Gen 3 OOB improves upon earlier technology which used slow dial-up interfaces, insecure hardware, and closed OS architectures. Gen 3 out-of-band includes security features like UEFI secure boot, geofencing, and an onboard firewall. The operating system is Linux-based to allow for easy integrations with any vendor solution, and vulnerabilities are patched quickly. This ensures that administrators have constant, high-speed, secure access to remote multi-vendor IT infrastructure.

Remote monitoring of environmental conditions

The environmental conditions in the data center have a major impact on the performance and functionality of critical infrastructure. Environmental threats like heat, moisture, power surges, smoke, and even physical tampering are major causes of data center downtime. When you don’t have actual eyes on the conditions in your rack, it can be difficult to detect environmental issues early on, when there’s still a chance to correct the issue and prevent downtime.

A Gen 3 OOB serial console includes GPIO interfaces for environmental monitoring sensors. These sensors are used to measure the temperature, relative humidity, air quality, and airflow in a rack, and in some cases can also detect smoke, proximity, and tampering. The monitoring sensors feed data back into a centralized environmental monitoring system which provides visualizations of present and historical conditions. It also sends automatic alerts to administrators when conditions require immediate attention. Plus, since this monitoring system is integrated with an OOB serial console, administrators can stay abreast of environmental conditions even when the production network goes down.

Remote IT infrastructure automation and orchestration

Automation allows IT teams to manage network infrastructures faster and more efficiently while reducing the risk of human error. However, one of the major hurdles to automation is vendor lock-in. Many infrastructure solutions don’t integrate with third-party automation tools and instead require you to use their own proprietary scripting languages and playbooks. Since many IT infrastructures are made up of a variety of vendor hardware and software solutions, administrators are forced to learn and manage multiple different automation platforms.

This difficulty only increases when those solutions are managed remotely. Administrators need to remotely jump from box to box and interface to interface just to execute basic automation workflows. It gets even more complicated when there are multiple remote sites to manage, as is the case in many large and globalized enterprises.

By definition, a Gen 3 out-of-band platform is vendor-neutral. That means it can dig its orchestration hooks into every hardware and software solution in your data center. It also supports integrations and direct hosting of third-party automation tools, so you can use the scripting languages and automation solutions of your choice. Finally, a Gen 3 solution centralizes the orchestration of all remote IT infrastructure automation workflows, so administrators can monitor and manage everything from behind one pane of glass.

Solving remote IT infrastructure management challenges with the Nodegrid Gen 3 out-of-band platform

The Nodegrid remote IT infrastructure management solution from ZPE Systems is the first Gen 3 out-of-band platform. Nodegrid delivers secure OOB, a robust environmental monitoring system, and end-to-end automation and orchestration in a single Gen 3 OOB serial console.

The Nodegrid Serial Console Plus (NSCP) provides OOB access and network failover via built-in 5G/4G LTE cellular and Wi-Fi modules, ensuring administrators have a dedicated high-speed connection to critical network infrastructure. Nodegrid hardware is protected by onboard security features like TPM 2.0, encrypted SSD, UEFI BIOS protection, secure boot, and geofencing, so you don’t have to worry about malicious actors compromising your management network. The open architecture, Linux-based Nodegrid OS is secured by frequent patches and supports third-party integrations or the direct hosting of third-party applications.

The Nodegrid environmental monitoring system includes sensors for dry contact, temperature, humidity, smoke, airflow, dust, and particulates so you have 24/7 visibility into the conditions in your rack. These sensors integrate seamlessly with the Nodegrid OS as well as the ZPE Cloud remote IT infrastructure management platform.

ZPE Cloud provides a centralized control panel from which to monitor and orchestrate your Gen 3 OOB network. ZPE Cloud’s vendor-neutral platform can “say yes” to any hardware, software, or automation solution you choose, so you can achieve end-to-end infrastructure automation without compromises.

Ready to learn more?

To learn more about how Nodegrid solves remote IT infrastructure management challenges through Gen 3 OOB, contact ZPE Systems.

What is a Serial Console’s Role in Modern Enterprise Networks?

Serial consoles have been used to manage business networks since the 80s, but things have changed significantly since then. What is a serial console’s role in modern enterprise networks? In this blog, we discuss the history and evolution of serial consoles as well as the exciting functionality provided by the latest generation.

What is a serial console?

A serial console (also called a console server, terminal server, serial console router, or serial console switch) is a networking device used to manage other devices. It connects to servers, switches, routers, and other equipment using the serial port (hence the name). Network administrators can then use the serial console to access all connected devices in the data center, server room, or network closet in which it’s installed.

Serial consoles allow admins to manage critical infrastructure without needing to log in to each separate device individually. A serial console also provides out-of-band (OOB) management, creating a completely separate network that’s dedicated to infrastructure management and troubleshooting. OOB management allows you to remotely troubleshoot, monitor, and administer your infrastructure, and more.

How serial consoles have evolved over time

A basic serial console—also called a Generation 1 serial console—provides consolidated remote access to critical infrastructure. It uses a secondary network connection (such as a dial-up modem or cellular SIM card) so admins can control and troubleshoot equipment without relying on the main production network. Using a Gen 1 serial console, admins can access each connected device’s CLI (command line interface).

Gen 1 serial consoles are relatively limited in control, security, and automation. For example, many Gen 1 serial consoles can only manage devices from the same vendor (or a small pool of supported manufacturers). A Gen 1 serial console also lacks in-depth security features like hardware encryption, and generally can’t integrate with third-party Zero Trust Security policies and controls. Plus, most Gen 1s completely lack automation capabilities, or limit you to basic CLI scripts for single tasks.

Gen 2 serial consoles

Frustration over these limitations led to significant advancements in the second generation of serial consoles, or Gen 2. With Gen 2 serial consoles, admins get more control, added security features, and expanded automation capabilities.

For instance, most Gen 2 consoles offer management functionality for third-party devices. These serial consoles also have some built-in security features like Trusted Platform Module (TPM) and frequently support advanced authentication methods like AD/LDAP, Kerberos, and RADIUS. Gen 2 serial consoles also allow for greater automation using Python scripts, APIs, and zero touch provisioning (ZTP).

While Gen 2 serial consoles offer more multi-vendor support than their extremely limited predecessors, they still fall short of true vendor neutrality. For instance, managing third-party and legacy devices often requires expensive adapters or complicated configuration tweaks. Many Gen 2 serial consoles also lack support for Zero Trust integrations such as SAML 2.0 (e.g., Okta, Ping, DUO), making it impossible to completely secure your out-of-band network.

Finally, while Gen 2 serial consoles introduce more automation capabilities, their closed architectures make it impossible to implement end-to-end NetDevOps automation. For example, you might only be able to use one specific scripting language or an approved set of playbooks. It’s also common for Gen 2 serial consoles to only support ZTP of connected devices from the same vendor, so you’re either limited in your automated provisioning capabilities or your choice of infrastructure solutions.

Gen 1 serial consoles provide remote, out-of-band management of multiple devices using CLI commands and scripts over a serial connection. Gen 2 evolved to incorporate more devices, more security features, and more automation capabilities. However, the serial console needed to develop even further to handle the needs of a modern enterprise network.

What is a serial console’s role in modern enterprise networks?

Today’s enterprise network is larger, more complex, and more distributed than Gen 1 serial console developers could have possibly imagined. Network administrators and engineers need to monitor, manage, and troubleshoot infrastructure devices from many different vendors in many different locations. Networks are also constantly threatened by cybercriminals using sophisticated hacking techniques and state-of-the-art malware. Plus, modern businesses must ensure near-constant availability and optimal network performance to stay competitive. Gen 1 and Gen 2 serial consoles simply can’t deliver the control, security, and resilience required by enterprise networks today.

The new Gen 3 serial console addresses older generations’ limitations through true vendor neutrality, multi-layered zero trust security, and end-to-end automation capabilities.

Total infrastructure control

Gen 3’s complete vendor neutrality makes it possible to extend your automation capabilities—including zero touch provisioning—to every physical and virtual asset in your environment, regardless of manufacturer. Gen 3 serial consoles also give network administrators a virtual presence in remote network locations (like data centers and branch offices) through which they can monitor environmental conditions in the rack, power-cycle and enter the BIOS menu of devices, manage power load distribution, and more.

This control is delivered via high-speed OOB (such as a 5G/4G cellular SIM card), giving you 24/7 remote access to critical enterprise infrastructure, even during an ISP outage. Plus, Gen 3 serial consoles use centralized cloud management, which means engineers can manage and troubleshoot remote infrastructure from anywhere, anytime.

A Gen 3 serial console is based on an open-architecture x86 OS that supports integrations with your choice of infrastructure solutions, cloud services, and automation toolkits. It also includes flexible port configurations and legacy pinouts to control a variety of devices, such as PDUs, IPMI devices, and environmental monitoring sensors.

Comprehensive security

On a hardware level, Gen 3 serial consoles use features like encrypted disks, UEFI secure boot, and TPM 2.0 to ensure unauthorized users can’t access management functionality. Additionally, the OS is frequently updated and patched against new security vulnerabilities before they can be exploited. The Gen 3 serial console also automatically checks the integrity of all newly integrated hardware and software to ensure there are no backdoor vulnerabilities.

A Gen 3 serial console’s vendor-neutral platform supports easy integrations with a variety of zero trust security controls. For instance, you can manage user access to a Gen 3 serial console through third-party Identity and Access Management (IAM) solutions, allowing you to follow zero trust best practices like 2FA, SSO, and dynamic trust verification. A Gen 3 serial console can also integrate with on-premises and cloud-based network security solutions such as next-generation firewalls (NGFW), Secure Access Service Edge (SASE), and Security Service Edge (SSE).

A Gen 3 console includes robust onboard security features, which reduces the risk of an attacker using a stolen serial console to access your management network (and ultimately, your production systems and data). Its open architecture also enables integration with zero trust security controls and providers.

End-to-end automation

The open architecture of a Gen 3 serial console makes it possible to integrate with your choice of infrastructure automation and orchestration tools, or directly host VMs and Docker containers so you can run your own tools. With a Gen 3 serial console, you can use solutions like Ansible, Chef, Puppet, or Kubernetes to automate deployments. You can also use any API you want to automate any workload you need to, no matter how complex.

Gen 3’s advanced automation capabilities enable full pipeline automation so you can achieve NetDevOps transformation. Gen 3 serial consoles also facilitate immutable infrastructure, allowing faster and more agile deployments, updates, and replacements of critical network resources.

With a Gen 3 serial console, you can create a fully-automated network environment. This allows engineers to work more efficiently and reduces the risk of human error causing an outage or security breach.

Nodegrid Serial Console Plus (NSCP)

A Gen 3 serial console, like the Nodegrid Serial Console Plus (NSCP), gives you complete remote control over every component of your network infrastructure, regardless of location or manufacturer. Nodegrid also secures your OOB management network using zero trust security best practices and comprehensive onboard features. Finally, the Gen 3 NSCP allows you to automate whatever tools you want to use, so you can efficiently manage a complex enterprise network without sacrificing speed, security, or control.

 

Schedule a demo of the Gen 3 Nodegrid Serial Console Plus to see for yourself!

Watch agile networking in action with these Nodegrid demos

ZPE® Systems Network Solutions Architect Rene Neumann shows you how easy it is to enable agile networking. See Nodegrid and ZPE Cloud first hand with our collection of demo videos. You’ll learn how to:

 

  • Use true zero touch for automatic deployments
  • Fully set up environments using rich orchestration
  • Remotely configure and manage edge workloads

Demo: Deploy Networks Fast with ZPE Cloud’s Zero Touch Provisioning

Demo: Fully Provision Edge Network Workloads with Nodegrid

Demo: Orchestrate Branch Network Devices Using Nodegrid

Connecting to Networking, Servers, and Power Devices within the Data Center

Background/Problem

A web-scale company needed a solution for their environment that would securely access and control networking, servers, and power devices. They needed LLDP to detect network devices, configuration fingerprint checks for security purposes, an advanced command line interface (CLI), a high-performance CPU, the latest security features, Puppet/Chef automation integration, and SNMP support.

The Solution – Nodegrid Serial Console™

ZPE Systems’ Nodegrid Serial Console™ secures access to all serial ports and allows network separation via its two network interfaces, protecting IPMI and IoT management ports. With Nodegrid Serial Console running Nodegrid software, the customer is able to manage all devices, regardless of vendor, for unparalleled security, access, and control.

Only authorized users are able to access serial ports, and IPMI / IoT management ports in Nodegrid. Weak IPMI credentials and IPMI security vulnerabilities are no longer exposed to the network. Nodegrid functions as a gatekeeper of all the devices, elevating the security of the management network.

Nodegrid also understands multi-vendor Java-based KVM viewers and knows how to render them in HTML5 format.

Nodegrid Serial Console is the Next Generation of Serial Console

Nodegrid Serial Console is robust, extensible and programmable. Nodegrid Serial Console (NSC) helps data center managers improve productivity and reduce MTTR costs with the latest technologies. The world’s fastest serial console server also sports industry-exclusive system configuration security checksum™, bare metal booting and recovery capabilities, and Docker readiness. No competing product comes close.

IT staff can manage more devices with fewer cables, IP addresses and configuration time using our industry-exclusive 1U 96 port serial console server. The Nodegrid Serial Console server consolidates and manages attached devices via a Serial Port Connection including: servers, network routers and switches, storage, PDUs, UPSs, and any other device with a serial port.

Nodegrid Serial Console also creates a secure network separation to protect IPMI and IoT management ports and maps IPMI and IoT devices to authorized users. Nodegrid has the ability to handle native Java-based KVM viewers, translating them to HTML5 sessions and addressing security and compatibility issues. You can also assign DHCP IP addresses to your IPMI and IoT devices on the secure management network directly from Nodegrid Serial Console, saving configuration time.

  • Modern 64-bit Linux OS
  • World’s fastest serial console server: Dual-core x86-64bit Intel CPU with 4GB RAM and 32GB SSD memory (upgrades available)
  • World’s highest concurrent session in a serial console: 1,000+ sessions, 20 users per port at 115,200bps
  • World’s first all in one vendor-neutral PDU, support for IPMI and IoT management ports.
  • World’s first high-density 96 port 1U serial console server, also available in 16/32/48 port editions
  • HTML5 remote console access – no Java issues, unlike outdated competitors
  • World’s first serial console server optimized for Docker and Open Compute Hardware Management
  • World’s first serial console server with bare metal booting and firmware recovery
  • Zero Touch Provisioning and failover to any cellular service provider of your choice (no vendor lock-in)
  • New, easy-to-use software development kit for software innovation

Next Step: Schedule a Demo and See What Nodegrid Can Do For You

We are perfectly positioned to meet anything manufacturers can throw at us. We pioneered IT infrastructure access and control back in the day and we’re pioneering IT infrastructure access and control for today and the future. Check us out. You’ll be glad you did.

ZPE Systems, Chatsworth Products Collaborate to Provide Network Managers with Out-of-Band Outlet Control and Monitoring Capabilities

ZPE Systems’ Solution Now Fully Integrates with eConnect® Power Distribution Units to Automate Network Management in Remote Sites

Fremont, CA, April 21, 2020 – ZPE Systems, the industry’s first provider of an Open Infrastructure Management Solution™ for in-band/out-of-band access and control of network, compute, storage and power devices for physical and virtual IT Infrastructures, announces today advanced integration of Chatsworth Products’ (CPI) eConnect® Power Distribution Units (PDU).

The integration brings a unified solution to provide network and facility teams out-of-band access for cabinet-level power, environmental and access control parameters, allowing them to build out an automation plan that helps create a self-sufficient, self-healing environment, particularly in edge sites.

ZPE’s Nodegrid® Infrastructure Management Platform integration with CPI’s eConnect PDUs brings application programming interface (API) connectivity, indirect Command Line Interface (CLI), activity dashboards, actionable data and more to CPI’s line of eConnect PDUs. With the integration, customers will benefit from advanced outlet control and monitoring capabilities.

“ZPE is pleased to collaborate with a leading PDU manufacturer that has such a successful track record in solving unique challenges in cabinet-level power monitoring and access control,” says Arnaldo Zimmermann, Cofounder and CEO of ZPE Systems.

Now, customers can monitor and collect outlet data, and execute scripts according to parameters to automate and self-heal network environments, giving them a 360 view of their networking environment, all from within a single, vendor-neutral infrastructure management solution. Through Nodegrid, eConnect PDUs gain API ties and webhooks for additional automation, as well as indirect CLI access to the PDU itself for additional extensibility.

“The integration with eConnect PDUs grants Nodegrid customers access to a robust intelligent PDU solution. CPI’s eConnect PDUs have the highest operating temperature range in the industry and allow for dramatic savings in networking costs with the Secure Array® IP consolidation technology,” Zimmermann adds. “Networking and facilities teams can do more than just monitor and manage, with Nodegrid they can now automate based on thresholds and data parameters—our support for actionable data means much more efficient network/facilities management.”

“Nodegrid’s robust and reliable infrastructure management capabilities are superior, and add many benefits for customers trying to manage assets in hybrid environments. We are excited to join forces and provide customers with an extensive visualization capability, allowing the PDUs to be managed through the same interface that could be used to manage compute and storage devices,” says Ashish Moondra, Sr. Product Manager at CPI.

Customers can expect to see the ZPE and CPI integration options within Nodegrid starting today. For more information on ZPE’s Nodegrid Infrastructure Management platform, visit www.zpesystems.com. For more information on eConnect PDUs, visit www.chatsworth.com/power.

About ZPE Systems, Inc.

ZPE Systems is rethinking the way networks are built and managed by providing software-defined, vendor-neutral infrastructure management and networking solutions.

ZPE Systems’ Nodegrid® platform consolidates, organizes, and simplifies the need for a complete remote access and control solution; Nodegrid solutions address the OOB management needs of the data center, unify edge networking environments, manage converged infrastructure, and provide intelligent automation. ZPE’s smart, consolidated IT management solutions reduce downtime, deliver OPEX savings, and extend the reach of IT workforces.

ZPE’s global headquarters is located in Fremont, California with offices throughout the US and globally in Ireland, India, Brazil and Japan.

ZPE Systems, the ZPE logo and Nodegrid are registered trademarks of ZPE Systems, Inc.

To learn more, visit www.zpesystems.com.


About Chatsworth Products

Chatsworth Products (CPI) is a global manufacturer of products and solutions that protect your ever-growing investment in information and communications technology for IT and industrial automation applications. With decades of experience engineering thermal, power and cable management solutions for the data center, enterprise networking and industrial enclosure markets, CPI is well positioned to provide you with unequaled application expertise, customer service and technical support, as well as a global network of industry-leading distributors.

CPI is listed with the General Services Administration (GSA) under Federal Supply Schedule IT 70. Products are also available through GSA Advantage and through Government Wide Acquisition Contracts (GWACs), including GSA Connections and NITAAC-ECS III (www.chatsworth.com/gov).

To learn more, visit www.chatsworth.com.